[Samba] samba 4 / replicate ldap

[Andrew Bartlett]

On Wed, 2012-10-10 at 11:09 +0200, L.P.H. van Belle wrote:
> Hai Andrew, 
> thank you for you reply. 
> 
> In very short.
> 
> I want to replicate the database of samba4 to an other locations, over wan. 
> I want to have 1 domainname for signon, windows wil choose the closed location, so this should work. 
> Every other location wil have its own samba server ( in DC mode ), with proxy which is using the auth of samba. ( or info from local replicated read only ldap ) 
> Since this is over wan, i want to replicate the database.
> 
> I install the extra server in the main location, then will move it to the external location. 
> IP / DNS setup is nog problem for me, the location will have there own dhcp+dns server
> the dns zone wil be replicated to the master dns ( aka samba AD server on mail lokation ) 
> 
> this way i can manage everythis from main location. 
> Kix script is used for login script, these files are replicated between the netlogon folders. 
> ( and you i know the differences with sysvol ) I do windows/linux/novell servers. 
> 
> This setup works good with samba3, for years now. 
> The total setup had debian with samba ddns+dhcp, proxy , webservers, mailservers ( with zarafa7 and yes, i have pro licence, for ad integration ). 
> for most servers i can use the basic ldap info in the main location.
> 
> I read that replication over wan didnt work. with for example novell NDS, i can replicate 1 part of the NDS and as far i know this is not possible with AD. 

This all sounds like a perfect candiate for multiple Samba domain
controllers, perhaps with RODCs at some sites if you would prefer.
There shouldn't be any issue with replication over the WAN - it's just
another IP network as far as Samba is concerned. 

Just use Samba's DRS as the replication framework and it should just
work...

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org